Vulnerability Bulletins

IBM Security Bulletin: IBM Sterling Order Management is affected by Cross Site Scripting (XSS) Vulnerability (CVE- 2015-1911)

System information
   
Affected software IBM

Description
IBM Sterling Selling and Fulfillment Foundation is vulnerable to Cross Site Scripting vulnerability (XSS) which could lead to impersonating a legitimate user, allowing an attacker unauthorized access to a users record. CVE(s): CVE-2015-1911 Affected product(s) and affected version(s): Sterling Order Management 8.5 IBM Sterling Selling and Fulfillment Foundation 9.0 IBM Sterling Field Sales 9.0 Refer to the following reference URLs for remediation and additional vulnerability

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_sterling_order_management_is_affected_by_cross_site_scripting_xss_vulnerability_cve_2015_1911?lang=en_us

Standar resources
Property Value
CVE

Version history
Version Comments Date
1.0 Advisory issued 2015-04-17
Ministerio de Defensa
CNI
CCN
CCN-CERT